In this recent post to his site Jeremy Kendall shares some of his thoughts about password hashing and a new library he's written to help make it simpler - event with an existing password hashing method in place.

He shows how to use this password hashing correctly with the "default" hash and how to store that in the database. His Password Validator library aims to help make this even simpler and adds in other features like rehashing and upgrading of legacy passwords. The remainder of the post shows how to use the library for these functions and how to persist them in the tool's storage decorator and interface functionality.